Re: [Freeipa-devel] [PATCH] 29 Configure SSSD to store password if offline

2011-07-15 Thread Rob Crittenden 

Jan Cholasta wrote:

Enable the krb5_store_password_if_offline option in sssd.conf by
default. To turn it off, use --no-krb5-offline-passwords option in
ipa-client-install.

https://fedorahosted.org/freeipa/ticket/1359

Honza



ack, pushed to master

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 29 Configure SSSD to store password if offline

2011-07-13 Thread Jan Cholasta 
Enable the krb5_store_password_if_offline option in sssd.conf by 
default. To turn it off, use --no-krb5-offline-passwords option in 
ipa-client-install.


https://fedorahosted.org/freeipa/ticket/1359

Honza

--
Jan Cholasta
>From 7cd7a371fa85410f2dd22250ed9473a6a28ab71e Mon Sep 17 00:00:00 2001
From: Jan Cholasta 
Date: Tue, 28 Jun 2011 14:19:51 +0200
Subject: [PATCH] Configure SSSD to store user password if offline.

ticket 1359
---
 ipa-client/ipa-install/ipa-client-install |4 
 ipa-client/man/ipa-client-install.1   |3 +++
 2 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 884dd21..6bdeb87 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -90,6 +90,8 @@ def parse_options():
   help="The hostname of this server (FQDN). By default of nodename from uname(2) is used.")
 parser.add_option("", "--enable-dns-updates", dest="dns_updates", action="store_true", default=False,
   help="Configures the machine to attempt dns updates when the ip address changes.")
+parser.add_option("--no-krb5-offline-passwords", dest="krb5_offline_passwords", action="store_false",
+  help="Configure SSSD not to store user password when the server is offline", default=True)
 
 options, args = parser.parse_args()
 safe_opts = parser.get_safe_opts(options)
@@ -550,6 +552,8 @@ def configure_sssd_conf(fstore, cli_realm, cli_domain, cli_server, options):
 
 if options.dns_updates:
 domain.set_option('ipa_dyndns_update', True)
+if options.krb5_offline_passwords:
+domain.set_option('krb5_store_password_if_offline', True)
 
 domain.set_active(True)
 
diff --git a/ipa-client/man/ipa-client-install.1 b/ipa-client/man/ipa-client-install.1
index 40d53a8..e689177 100644
--- a/ipa-client/man/ipa-client-install.1
+++ b/ipa-client/man/ipa-client-install.1
@@ -81,6 +81,9 @@ The hostname of this server (FQDN). By default of nodename from uname(2) is used
 .TP
 \fB\-\-enable\-dns\-updates\fR
 This option tells SSSD to automatically update DNS with the IP address of this client.
+.TP
+\fB\-\-no\-krb5\-offline\-passwords\fR
+Configure SSSD not to store user password when the server is offline.
 .SH "EXIT STATUS"
 0 if the installation was successful
 
-- 
1.7.4.4

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel